Methods for preventing a distributed denial service attack and devices thereof

US 9,609,017 B1
Filed: 02/19/2013
Issued: 03/28/2017
Est. Priority Date: 02/20/2012
Status: Active Grant

First Claim

Patent Images

1. A method for mitigating distributed denial of service attacks executable by a system comprising one or more traffic manager computing devices, client devices and server devices across one or more networks, the method comprising steps to:

obtain by a first processor network information relating to a received request from a requesting device, the obtained network information comprising a plurality of network parameters associated with the requesting device, wherein the obtaining further comprises determining when additional network information is required to assign a rating;

determine by a second processor a rating for the network parameters based on an associated weight value when the additional network information is determined not to be required to assign the rating, wherein the network parameters are separately assigned with associated weight values;

determine by a third processor an action to take with respect to the request based on a comparison of a determined rating and a threshold rating, wherein the determining further comprises assigning one or more classification policies to a section of a range in the threshold rating; and

execute by a fourth processor a determined action comprising adjusting one or more quality of service parameters to a connection associated with the requesting device, wherein the quality of service parameters comprise one or more of an error rate, a bit rate, or a transmission delay.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, non-transitory computer readable medium and global traffic manager computing device for preventing distributed denial of service attack comprising machine executable code which when executed by at least one processor, causes the processor to perform steps including obtaining network information relating to a request in response to receiving the request. A rating is determined for the obtained network information based on one or more network parameters. An action to be taken for the received request is determined based on a comparison of the determined rating and a threshold rating. The determined action is executed for the received request.

Citations

17 Claims

1. A method for mitigating distributed denial of service attacks executable by a system comprising one or more traffic manager computing devices, client devices and server devices across one or more networks, the method comprising steps to:
- obtain by a first processor network information relating to a received request from a requesting device, the obtained network information comprising a plurality of network parameters associated with the requesting device, wherein the obtaining further comprises determining when additional network information is required to assign a rating;
  
  determine by a second processor a rating for the network parameters based on an associated weight value when the additional network information is determined not to be required to assign the rating, wherein the network parameters are separately assigned with associated weight values;
  
  determine by a third processor an action to take with respect to the request based on a comparison of a determined rating and a threshold rating, wherein the determining further comprises assigning one or more classification policies to a section of a range in the threshold rating; and
  
  execute by a fourth processor a determined action comprising adjusting one or more quality of service parameters to a connection associated with the requesting device, wherein the quality of service parameters comprise one or more of an error rate, a bit rate, or a transmission delay.
- View Dependent Claims (2, 3, 4, 5, 16, 17)
- - 2. The method as set forth in claim 1 further comprises employing at least one of the first, second, third, or the fourth processors on the one or more global traffic manager computing devices to obtain the additional network information when it is determined that additional network information is required to assign the rating.
  - 3. The method as set forth in claim 1 wherein the determined action comprises employing at least one of the first, second, third, or the fourth processors on the one or more global traffic manager computing devices to respond to the request when the rating is greater than the threshold rating.
  - 4. The method as set forth in claim 1 wherein the determined action comprises employing at least one of the first, second, third, or the fourth processors on the one or more global traffic manager computing devices to process the request based on one or more classification policy when the rating is lesser than the threshold rating.
  - 5. The method as set forth in claim 1 further comprising employing at least one of the first, second, third, or the fourth processors on the one or more global traffic manager computing devices to assign the determined rating to the obtained network information.
  - 16. The method as set forth in claim 1 wherein the first processor, the second processor, the third processor, and the fourth processor are the same processor.
  - 17. The method as set forth in claim 1 wherein at least one of the first processor, the second processor, the third processor, and the fourth processors are on the same computing device.

6. A non-transitory computer readable medium having stored thereon instructions for preventing distributed denial of service attack comprising machine executable code which when executed by at least one processor, causes the processor to perform steps to and that comprise:
- obtain network information relating to a received request from a requesting device, the obtained network information comprising a plurality of network parameters associated with the requesting device, wherein the obtaining further comprises determining when additional network information is required to assign a rating;
  
  determine a rating for the network parameters based on an associated weight value when the additional network information is determined not to be required to assign the rating, wherein the network parameters are separately assigned with associated weight values;
  
  determine an action to take with respect to the request based on a comparison of a determined rating and a threshold rating, wherein the determining further comprises assigning one or more classification policies to a section of a range in the threshold rating; and
  
  execute a determined action comprising adjusting one or more quality of service parameters to a connection associated with the requesting device, wherein the quality of service parameters comprise one or more of an error rate, a bit rate, or a transmission delay.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The medium as set forth in claim 6 further comprises obtain the additional network information when it is determined that additional network information is required to assign the rating.
  - 8. The medium as set forth in claim 6 wherein the determined action further comprises respond to the request when the rating is greater than the threshold rating.
  - 9. The medium as set forth in claim 6 wherein the determined action further comprises process the request based on one or more classification policy when the rating is lesser than the threshold rating.
  - 10. The medium as set forth in claim 6 further comprises assign the determined rating to the obtained network information.

11. One or more global traffic manager computing devices comprising:
- at least one of configurable hardware logic configured to be capable of implementing and a processor coupled to a memory and configured to execute programmed instructions stored in the memory comprising step to;
  
  obtain network information relating to a received request from a requesting device, the obtained network information comprising a plurality of network parameters associated with the requesting device, wherein the obtaining further comprises determining when additional network information is required to assign a rating;
  
  determine a rating for the network parameters based on an associated weight value when the additional network information is determined not to be required to assign the rating, wherein the network parameters are separately assigned with associated weight values;
  
  determine an action to take with respect to the request based on a comparison of a determined rating and a threshold rating, wherein the determining further comprises assigning one or more classification policies to a section of a range in the threshold rating; and
  
  execute a determined action comprising adjusting one or more quality of service parameters to a connection associated with the requesting device, wherein the quality of service parameters comprise one or more of an error rate, a bit rate, or a transmission delay.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The device as set forth in claim 11 wherein at least one of the configurable hardware logic is further configured to be capable of implementing or the processor coupled to the memory is further configured to execute programmed instructions stored in the memory to and that comprise step to obtain the additional network information when it is determined that additional network information is required to assign the rating.
  - 13. The device as set forth in claim 11 wherein at least one of the configurable hardware logic is further configured to be capable of implementing or the processor coupled to the memory is further configured to execute programmed instructions stored in the memory for the determined action to and that comprises step to respond to the request when the rating is greater than the threshold rating.
  - 14. The device as set forth in claim 11 wherein at least one of the configurable hardware logic is further configured to be capable of implementing or the processor coupled to the memory is further configured to execute programmed instructions stored in the memory for the determined action to and that comprises step to process the request based on one or more classification policy when the rating is lesser than the threshold rating.
  - 15. The device as set forth in claim 11 wherein at least one of the configurable hardware logic is further configured to be capable of implementing or the processor coupled to the memory is further configured to execute programmed instructions stored in the memory to and that comprise step to assign the determined rating to the obtained network information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
F5 Networks, Inc. (F5 Incorporated)
Original Assignee
F5 Networks, Inc. (F5 Incorporated)
Inventors
Gilbert, Daniel Thomas, Meyer, Nathan
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Holmes, Angela

Application Number

US13/770,779
Time in Patent Office

1,498 Days
Field of Search

726/22, 709/224, 709/229
US Class Current

1/1
CPC Class Codes

H04L 61/4511   using domain name system [DNS]

H04L 63/1458   Denial of Service

H04L 67/1029   using data related to the s...

H04L 67/1036   Load balancing of requests ...

H04L 67/61   taking into account QoS or ...

Methods for preventing a distributed denial service attack and devices thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Methods for preventing a distributed denial service attack and devices thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links